Overview

overview

10

Static

static

46bc9071c8...a2.exe

windows7_x64

10

46bc9071c8...a2.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    46bc9071c81a07fd3969e2bc4883acdf0b82461b576ab5a29849d11e871870a2

  • Size

    5.4MB

  • Sample

    210504-sa7qv9yxxj

  • MD5

    68dfda30194dce7f7bba0cc722397ab5

  • SHA1

    bf16f0b00d0639700ddc3cec8342a77e56d31677

  • SHA256

    46bc9071c81a07fd3969e2bc4883acdf0b82461b576ab5a29849d11e871870a2

  • SHA512

    0d249c3c7e82bb25be97860e63915c5a37d6322bce89c5a5b93683b2c491d48ce15a3888d6eb200d3d018364138d93f929db7f569cb2c7731177a46fbe4c5262

Score
10/10
xmrigminerpersistence

Malware Config

Targets

    • Target

      46bc9071c81a07fd3969e2bc4883acdf0b82461b576ab5a29849d11e871870a2

    • Size

      5.4MB

    • MD5

      68dfda30194dce7f7bba0cc722397ab5

    • SHA1

      bf16f0b00d0639700ddc3cec8342a77e56d31677

    • SHA256

      46bc9071c81a07fd3969e2bc4883acdf0b82461b576ab5a29849d11e871870a2

    • SHA512

      0d249c3c7e82bb25be97860e63915c5a37d6322bce89c5a5b93683b2c491d48ce15a3888d6eb200d3d018364138d93f929db7f569cb2c7731177a46fbe4c5262

    Score
    10/10
    xmrigminerpersistence

    • Adds autorun key to be loaded by Explorer.exe on startup

      persistence

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

      minerxmrig

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks